Bright Logo

Security Testing
Spec by Spec

May 18, 9am PT, 12pm ET, 5pm UK

Ensuring your applications are secure has never been more critical. Being able to run effective, fast and accurate security tests, early on every Spec, will ensure your Crystal applications are secure.

In this workshop, Bar and Jeremy will be detailing the importance of security testing automation and how this can be automated using Bright's Crystal Language SecTester


  • A quick intro into AppSec testing automation and DAST (Dynamic Application Security Testing)
  • How you can start to run security tests on every Spec with the SecTester on any Crystal application to find security vulnerabilities
  • Together, we will create a new crystal project, adding SecTester to a Shard yaml, set up a FREE Bright account and run a security test, discussing the results.
  • Showcase the Lucky Framework and how you can automatically generate the configuration as well as a full spec suite, to generate a full web application with authentication, SecTester configuration and specs that can be run to test your application automatically

Sign up for workshop


Bar Hofesh

CTO & co-founder of Bright

Bar is the CTO and Co-founder of Bright, an application security testing scanner, enabling developers to detect and remediate security issues early. Having built bright's engine in Crystal, he is strong advocate and user of the Crystal Language, as well as cyber security veteran with more than a decade of experience acting as a Security Officer, Researcher, Developer and Software Architect. Bar is committed to transforming the way organisations test their apps and APIs, with automation that keeps up with their rapid release cycles, focussing on security unit testing.

Jeremy Woertink

Key contributor to the Lucky Framework

Jeremy is a software developer from Las Vegas currently contracting on several large scale projects, as well as a core team member on the Lucky Framework.

A United States Marine Corps Veteran, he spends his leisure time playing bass guitar in a local band, and coming up with new DIY home projects when not focusing on OpenSourceSoftware contributions

Security Testing, Made Simple




Actionable reports







Trusted by security teams and loved by developers at:


Why our Clients Love Us


“We dont have a security team, but with Bright's security scanner, my developers can test our applications and APIs for security vulnerabilities, which was not possible with other tools. This gives us great coverage, all neatly integrated in our pipeline. We really liked Bright's no false positives - my team would have to manually dig into each issue to see if it were really there, which was not scalable. Now, we can trust the output and dont have to rely on manual testing”

Mike McLaren

CTO Fastlane